package com.ericsson.web;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.ericsson.web.core.Constants;
import com.ericsson.web.core.HSQLDatabase;
import com.ericsson.web.core.IDatabase;
import com.ericsson.web.core.SessionData;
import com.ericsson.web.core.Utils;

public class ServiceLoginAuth extends HttpServlet {

	private final static String USER_NAME="username";
	private final static String PASSWORD="password";
	private final static String REMEMBER_ME="rememberme";
	private final static String SERIES_ID="sid";
	private final static String TOKEN="token";
	
	@Override
	protected void doGet(HttpServletRequest request, 
			HttpServletResponse response) 
	throws ServletException, IOException {
		String password = request.getParameter(PASSWORD);
		IDatabase db = HSQLDatabase.getInstance();
		if(!Utils.isEmpty(password)) {
			String username = request.getParameter(USER_NAME);
			if(!Utils.isEmpty(username))  {
				int userId = db.loginAuth(username, password);
				if(userId >= 0) {
					HttpSession session = request.getSession();
					session.setAttribute(Constants.USERID, userId);
					
					String rememberme = request.getParameter(REMEMBER_ME);
					if(!Utils.isEmpty(rememberme)) {
						SessionData sd = new SessionData(userId);
						db.saveSession(sd);
						addCookie(response, REMEMBER_ME, "true");
						addCookie(response, USER_NAME, db.getUserNameById(userId));
						addCookie(response, SERIES_ID, sd.getSid());
						addCookie(response, TOKEN, sd.getToken());
						
						session.setAttribute(SERIES_ID, sd.getSid());
						session.setAttribute(REMEMBER_ME, "true");
					}
					
					response.sendRedirect(Constants.INDEX_PAGE);
					return;
				}
			}
		} else {
			String rememberMe = "";
			String sid = "";
			String token = "";
			String userName = "";
			Cookie[] cookies = request.getCookies();
			for(Cookie cookie : cookies) {
				if(cookie.getName().equals(REMEMBER_ME)) {
					rememberMe = cookie.getValue();
				} else if(cookie.getName().equals(SERIES_ID)) {
					sid = cookie.getValue();
				} else if(cookie.getName().equals(TOKEN)) {
					token = cookie.getValue();
				} else if(cookie.getName().equals(USER_NAME)) {
					userName = cookie.getValue();
				}
			}
			//System.out.println(userName + " sid=" + sid + " token=" + token);
			if(!Utils.isEmpty(rememberMe) && !Utils.isEmpty(sid) && !Utils.isEmpty(token)) {
				if(rememberMe.equals("true")) {
					token = db.validate(userName, sid, token);
					if(!token.isEmpty()) {
						addCookie(response, TOKEN, token);
						HttpSession session = request.getSession();
						session.setAttribute(Constants.USERID, db.getUserIdByUserName(userName));
						
						session.setAttribute(SERIES_ID, sid);
						session.setAttribute(REMEMBER_ME, "true");
						
						response.sendRedirect(Constants.INDEX_PAGE);
						return;
					}
				}
			}
		}
		response.sendRedirect(Constants.LOGIN_PAGE);
	}
	
	private void addCookie(HttpServletResponse response, String key,
			String value) {
		Cookie cookie = new Cookie(key, value);
		cookie.setPath(Constants.URL_ROOT);
		cookie.setSecure(true);
		response.addCookie(cookie);
	}

	@Override
	protected void doPost(HttpServletRequest request, 
			HttpServletResponse response) 
	throws ServletException, IOException {
		doGet(request, response);
	}
}
